package com.fuershiye.woman.monitor.shiro.realm;

import com.fuershiye.woman.monitor.model.Permission;
import com.fuershiye.woman.monitor.model.Role;
import com.fuershiye.woman.monitor.model.User;
import com.fuershiye.woman.monitor.service.AdminService;
import com.google.common.collect.Sets;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;
import java.util.Set;

public class ShiroRealm extends AuthorizingRealm {

	@Autowired
    private AdminService adminService;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String username = (String)token.getPrincipal();
        User admin = adminService.findByName(username);
        if(admin == null) {
            throw new UnknownAccountException();//没找到帐号
        }
        if(admin.getStatus()!=1) {
            throw new LockedAccountException(); //帐号锁定
        }
        String password = admin.getPassword();
        //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
        		admin.getUserName(), //用户名
                password, //密码
                ByteSource.Util.bytes(admin.getUserName()),//salt=username
                getName()  //realm name
        );
        return authenticationInfo;
    }

    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        String username = (String)principals.getPrimaryPrincipal();

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        User admin = adminService.findByName(username);
        if (admin!=null) {
        	Set<String> roles = Sets.newHashSet();
        	Set<String> permissions = Sets.newHashSet();
        	List<Role> list = admin.getRoles();
        	if (list!=null&&list.size()>0) {
				for (Role r : list) {
//					roles.add(r.getRoleCode());
					roles.add(r.getDepartment()+"");
					List<Permission> ps = r.getPermissions();
					if (ps!=null&&ps.size()>0) {
						for (Permission p : ps) {
							permissions.add(p.getPermissionCode());
						}
					}
				}
			}
			authorizationInfo.setRoles(roles);
			authorizationInfo.setStringPermissions(permissions);
		}
        return authorizationInfo;
	}

}
